一、js代碼分析之編碼轉換
writeup:
- 打開index.html
<script src="script-min.js"></script> //首先調用.js腳本
<script type="text/javascript">
var ic = false; #默認ic值為false
var fg = "";
function getFlag() { //function函數內的getfFlag按鈕會觸發相應事件
var token = document.getElementById("secToken").value; // #獲取文本輸入框中的值賦值給token
ic = checkToken(token); //調用checkToken(token)這個函數進行檢查賦值,該函數包在.js腳本中包含
fg = bm(token); //調用checkToken(token)這個函數進行賦值
showFlag() //定義showFlag() 函數
}
function showFlag() { //showFlag()函數的輸出功能
var t = document.getElementById("flagTitle");
var f = document.getElementById("flag");
t.innerText = !!ic ? "You got the flag below!!" : "Wrong!";
t.className = !!ic ? "rightflag" : "wrongflag";
f.innerText = fg;
}
</script>
</head>
<body>
<h1>Flag in your Hand</h1>
<p>Type in some token to get the flag.</p>
<p>Tips: Flag is in your hand.</p>
<div>
<p>
<span>Token:</span>
<span><input type="text" id="secToken"/></span>
</p>
<p>
<input type="button" value="Get flag!" onclick="getFlag()" />
</p>
2.很明顯的看到了點擊按鈕觸發getFlag函數,ic默認是false,調用checkToken(token)這個函數,那么說明checkToken函數就是關鍵點了。
3.打開checkToken函數看看里面的內容,難道說flag就是FAKE-TOKEN
4.然而輸入之后還是提示錯誤,那就只剩fg = bm(token);這句代碼有問題了
5.直接搜索ic,說明ic肯定是在這面變成false的
6.直接點擊左側圖標下斷點吧,然后點擊按鈕,成功的斷了下來,發現函數參數s就是我輸入的變量,然后比較s和a的長度,接着用s的值減3和a的值相比較,如果都沒問題,那么就返回true
7.因此只要反推出返回true的s即可。求解代碼如下:
8.在token框中輸入security-xbu
9.最終得到flag:
RenIbyd8Fgg5hawvQm7TDQ
二、base64編碼之鍵盤密碼
writetup:
1.打開文件后得到兩串十六進制字符串
636A56355279427363446C4A49454A7154534230526D6843 56445A31614342354E326C4B4946467A5769426961453067
2.將十六進制字符串轉換成ascii
http://www.ab126.com/goju/1711.html
得到:
cjV5RyBscDlJIEJqTSB0RmhC
VDZ1aCB5N2lKIFFzWiBiaE0g
3.將其base64:
得到:
r5yG lp9I BjM tFhB T6uh y7iJ QsZ bhM
4.看到每4個字母中間有一個空格,再看看鍵盤,發現是鍵盤密碼,即幾個字母在鍵盤上圍出了一個字母,例如r5yG圍出的是t,lp9I圍出了o。找到每組字⺟包圍的字⺟組成flag即可.(不⽤加前綴)
5.得到:
r5yG-T,lp9I-O, BJM-N,tFhB-G, T6uh-Y,y7iJ-U,QsZ-A,bhM-N
6.最終得到flag:
TONGYUAN
三、工業流量包分析
writeup:
1.打開流量包,發現存在關於ARP、UDP、SNA協議的流量包,其中存在大量的UDP流量,如圖所示:
2.首先對UDP流量包進行分析,分析發現UDP流量包的長度存在大量相同,一共出現的長度分別為16 17 12 14 10 18 19 20 22 25 32 89 95 104 105 116 131 137 524 528,在這些長度中僅12,89,104,105,131,137出現一次,其余長度多次出現,於是猜測這僅出現一次的流量包存在異常。
3.這里對12長度進行UDP流追蹤,發現了可疑的字符
4.提取出字符串666c61677b37466f4d3253746b6865507a7d,並轉換成對應ACII碼
5.最終得到Flag:
flag{7FoM2StkhePz}
四、文本中有規律的大寫字母
1.下載附件后,發現是一個很大的文本,仔細觀察文本,發現文本中有很多故意加粗的大寫字母。
2.將大寫過濾出來出來
cat
f590c0f99c014b01a5ab8b611b46c57c.txt
|
grep
-o
'[A-Z]'
|
tr
-d
'\n'
其中:
- grep -o 只顯示匹配到的字符串
- tr -d 刪除指定字符
3.得到過濾的字符:
ZEROONEZEROZEROZEROZEROONEZEROZEROONEZEROZEROONEZEROZEROONEZEROONEZEROONEZEROONEZEROZEROZEROONEZEROONEZEROZEROONEONEZEROONEZEROZEROZEROZEROONEONEZEROONEZEROONEZEROONEZEROZEROZEROONEZEROZEROZEROONEONEZEROZEROONEONEONEONEZEROONEONEZEROONEONEZEROONEZEROZEROZEROZEROZEROONEONEZEROZEROZEROONEZEROONEONEZEROZEROONEZEROZEROZEROZEROONEONEZEROZEROONEONEZEROONEZEROONEONEONEONEONEZEROZEROONEONEZEROZEROZEROONEZEROONEONEZEROONEONEONEZEROZEROONEZEROONEONEONEONEONEZEROONEONEONEZEROZEROZEROZEROZEROONEONEZEROONEONEZEROZEROZEROZEROONEONEZEROONEZEROZEROZEROZEROONEONEZEROZEROZEROONEZEROONEONEZEROONEONEONEZEROZEROONEZEROONEONEONEONEONEZEROZEROONEONEZEROONEZEROONEZEROZEROONEONEZEROZEROZEROONEZEROZEROONEONEZEROONEONEONEZEROZEROONEONEZEROZEROONEONEZEROONEONEONEONEONEZEROONE
4.將文章中的所有大寫字母提取出來,得到一串全部由ZERO與ONE組成的字符串,ZERO替換為數字0,ONE替換為數字1,從而得到一個二進制表示的數,再將此數轉換為字符串即可。
010000100100100101010100010100110100001101010100010001100111101101101000001100010110010000110011010111110011000101101110010111110111000001101100001101000011000101101110010111110011010100110001001101110011001101111101
5.在線二進制轉字符串:
http://www.txttool.com/wenben_binarystr.asp
6.python腳本獲取
#coding:utf-8
from string import uppercase
from Crypto.Util.number import long_to_bytes
def solve():
with open('data.txt','r') as f: #data.txt是上面過濾的大寫字母
data=f.read()
cip=''
for c in data:
if c in uppercase:
cip+=c
cip=cip.replace('ZERO','0')
cip=cip.replace('ONE','1')
return long_to_bytes(long(cip,2))
if __name__=='__main__':
print solve()
7.得到flag:BITSCTF{h1d3_1n_pl41n_5173}
五、RSA解密
題目描述:
Fady同學以為你是菜鳥,不怕你看到他發的東西。他以明文形式將下面這些東西發給了他的朋友 :p=0xa6055ec186de51800ddd6fcbf0192384ff42d707a55f57af4fcfb0d1dc7bd97055e8275cd4b78ec63c5d592f567c66393a061324aa2e6a8d8fc2a910cbee1ed9 q=0xfa0f9463ea0a93b929c099320d31c277e0b0dbc65b189ed76124f5a1218f5d91fd0102a4c8de11f28be5e4d0ae91ab319f4537e97ed74bc663e972a4a9119307 e=0x6d1fdab4ce3217b3fc32c9ed480a31d067fd57d93a9ab52b472dc393ab7852fbcb11abbebfd6aaae8032db1316dc22d3f7c3d631e24df13ef23d3b381a1c3e04abcc745d402ee3a031ac2718fae63b240837b4f657f29ca4702da9af22a3a019d68904a969ddb01bcf941df70af042f4fae5cbeb9c2151b324f387e525094c41 c=0x7fe1a4f743675d1987d25d38111fae0f78bbea6852cba5beda47db76d119a3efe24cb04b9449f53becd43b0b46e269826a983f832abb53b7a7e24a43ad15378344ed5c20f51e268186d24c76050c1e73647523bd5f91d9b6ad3e86bbf9126588b1dee21e6997372e36c3e74284734748891829665086e0dc523ed23c386bb520 他嚴重低估了我們的解密能力
writeup:
1.將題目中的十六進制類型轉換成十進制:
p=8695224115036335558506571119739296036271134788610181138168484331081777972517240308721981280176995392696427341397469232176120700610749965333026113898553049
q=13096749823995628078930936161926731366955083380107539950861609990671457149850288846976369982960384583841424977220385144435351119887497145134804975486079751
e=76629781387397242664311670987431757827144139255639280752983416867031015307352014386648673994217913815581782186636488159185965227449303118783362862435899486717504457233649829563176353949817149997773276435581910370559594639570436120596211148973227077565739467641309426944529006537681147498322988959979899800641
c=89801389443569569957398406954707598492763923418568536030323546088278758362331043119736437910117697032594835902900582040394367480829800897231925233807745278389358031404278064633313626149336724945854865041439061149411962509247624419448003604874406282213609341704339025169015256228029200222643343430028828063008
2.通過腳本獲取RSA的M值
# coding=utf-8
import gmpy2
from Crypto.Util.number import *
from gmpy2 import iroot,invert
p=8695224115036335558506571119739296036271134788610181138168484331081777972517240308721981280176995392696427341397469232176120700610749965333026113898553049
q=13096749823995628078930936161926731366955083380107539950861609990671457149850288846976369982960384583841424977220385144435351119887497145134804975486079751
e=76629781387397242664311670987431757827144139255639280752983416867031015307352014386648673994217913815581782186636488159185965227449303118783362862435899486717504457233649829563176353949817149997773276435581910370559594639570436120596211148973227077565739467641309426944529006537681147498322988959979899800641
c=89801389443569569957398406954707598492763923418568536030323546088278758362331043119736437910117697032594835902900582040394367480829800897231925233807745278389358031404278064633313626149336724945854865041439061149411962509247624419448003604874406282213609341704339025169015256228029200222643343430028828063008
N = p * q
d = int(gmpy2.invert(e , (p-1) * (q-1)))
phi=(p-1)*(q-1)
print(phi)
d=int(invert(e,phi))
m=pow(c,d,N)
print(long_to_bytes(m))
3,最終得到flag:
ALEXCTF{RS4_I5_E55ENT1AL_T0_D0_BY_H4ND},
六、詩歌decrypted message
writeup:
1.下載題目附件可以看到如下信息:
The life that I have
Is all that I have
And the life that I have
Is yours.
The love that I have
Of the life that I have
Is yours and yours and yours.
A sleep I shall have
A rest I shall have
Yet death will be but a pause.
For the peace of my years
In the long green grass
Will be yours and yours and yours.
decrypted message: emzcf sebt yuwi ytrr ortl rbon aluo konf ihye cyog rowh prhj feom ihos perp twnb tpak heoc yaui usoa irtd tnlu ntke onds goym hmpq
可以看到上面是一段詩歌文字以及以及 decrypted message (解密消息)
2.這是一種比較奇特的加密方式,叫做Poem Codes,詳見:http://wmbriggs.com/post/1001/
加密過程如下:
(1)就其算法而言,去詩歌頭一個單詞,全部羅列出來,然后所有單詞的字母按字母表排序並編碼,如第一個a為1,第二個a為2,如果沒有a了就看b,第一個b為3,第二個b為4,一直排列下去。。。
(2)將要加密的信息的字母每18個一行(不足一行的abcdef....補足)
(3)將加密的信息第一個字母對應第一步的編碼數字,到第二步生成的字母表中取某列。
(4)分組即成加密信息。
解密過程非常復雜,不過,有人已經寫好了解密工具,詳見:https://github.com/abpolym/crypto-tools/tree/master/poemcode
3.先將以下信息保存為poem.txt
The life that I have
Is all that I have
And the life that I have
Is yours.
The love that I have
Of the life that I have
Is yours and yours and yours.
A sleep I shall have
A rest I shall have
Yet death will be but a pause.
For the peace of my years
In the long green grass
Will be yours and yours and yours.
然后將以下信息保存為:messg
emzcf sebt yuwi ytrr ortl rbon aluo konf ihye cyog rowh prhj feom ihos perp twnb tpak heoc yaui usoa irtd tnlu ntke onds goym hmpq
4.執行python腳本進行解密
python poemcode.py poem.txt messg
5.猜解出一大堆消息,選擇最像的那條即可,flag:
ifyouthinkcryptographyistheanswertoyourproblemthenyoudonotknowwhatyourproblemisabcdefghijklmnopqrstu
七、RSA低加密指數廣播攻擊
基礎知識:
如果選取的加密指數較低,並且使用了相同的加密指數給一個接受者的群發送相同的信息,那么可以進行廣播攻擊得到明文。
即,選取了相同的加密指數e(這里取e=3),對相同的明文m進行了加密並進行了消息的傳遞,那么有:
$ c_1equiv m^e$ $mod$ $n_1$
$ c_2equiv m^e$ $mod$ $n_2$
$ c_3equiv m^e$ $mod$ $n_3$
對上述等式運用中國剩余定理,在e=3時,可以得到:
$ c_xequiv m^3$ $mod$ $n_1n_2n_3$
通過對$ c_x $進行三次開方可以求得明文。
writeup:
1.題目內容為:
[{"c": 7366067574741171461722065133242916080495505913663250330082747465383676893970411476550748394841437418105312353971095003424322679616940371123028982189502042, "e": 10, "n": 25162507052339714421839688873734596177751124036723831003300959761137811490715205742941738406548150240861779301784133652165908227917415483137585388986274803},
{"c": 21962825323300469151795920289886886562790942771546858500842179806566435767103803978885148772139305484319688249368999503784441507383476095946258011317951461, "e": 10, "n": 23976859589904419798320812097681858652325473791891232710431997202897819580634937070900625213218095330766877190212418023297341732808839488308551126409983193},
{"c": 6569689420274066957835983390583585286570087619048110141187700584193792695235405077811544355169290382357149374107076406086154103351897890793598997687053983, "e": 10, "n": 18503782836858540043974558035601654610948915505645219820150251062305120148745545906567548650191832090823482852604346478335353784501076761922605361848703623},
{"c": 4508246168044513518452493882713536390636741541551805821790338973797615971271867248584379813114125478195284692695928668946553625483179633266057122967547052, "e": 10, "n": 23383087478545512218713157932934746110721706819077423418060220083657713428503582801909807142802647367994289775015595100541168367083097506193809451365010723},
{"c": 22966105670291282335588843018244161552764486373117942865966904076191122337435542553276743938817686729554714315494818922753880198945897222422137268427611672, "e": 10, "n": 31775649089861428671057909076144152870796722528112580479442073365053916012507273433028451755436987054722496057749731758475958301164082755003195632005308493},
{"c": 17963313063405045742968136916219838352135561785389534381262979264585397896844470879023686508540355160998533122970239261072020689217153126649390825646712087, "e": 10, "n": 22246342022943432820696190444155665289928378653841172632283227888174495402248633061010615572642126584591103750338919213945646074833823905521643025879053949},
{"c": 1652417534709029450380570653973705320986117679597563873022683140800507482560482948310131540948227797045505390333146191586749269249548168247316404074014639, "e": 10, "n": 25395461142670631268156106136028325744393358436617528677967249347353524924655001151849544022201772500033280822372661344352607434738696051779095736547813043},
{"c": 15585771734488351039456631394040497759568679429510619219766191780807675361741859290490732451112648776648126779759368428205194684721516497026290981786239352, "e": 10, "n": 32056508892744184901289413287728039891303832311548608141088227876326753674154124775132776928481935378184756756785107540781632570295330486738268173167809047},
{"c": 8965123421637694050044216844523379163347478029124815032832813225050732558524239660648746284884140746788823681886010577342254841014594570067467905682359797, "e": 10, "n": 52849766269541827474228189428820648574162539595985395992261649809907435742263020551050064268890333392877173572811691599841253150460219986817964461970736553},
{"c": 13560945756543023008529388108446940847137853038437095244573035888531288577370829065666320069397898394848484847030321018915638381833935580958342719988978247, "e": 10, "n": 30415984800307578932946399987559088968355638354344823359397204419191241802721772499486615661699080998502439901585573950889047918537906687840725005496238621}]
2.給了10組RSA的加密信息,共有10個公鑰,且B包含了10個c,n,e,e都是一樣的,因此想到了RSA低加密指數廣播攻擊。
3.通過腳本獲取到falg:
import libnum
import gmpy2
dic = [{"c": 7366067574741171461722065133242916080495505913663250330082747465383676893970411476550748394841437418105312353971095003424322679616940371123028982189502042, "e": 10, "n": 25162507052339714421839688873734596177751124036723831003300959761137811490715205742941738406548150240861779301784133652165908227917415483137585388986274803},
{"c": 21962825323300469151795920289886886562790942771546858500842179806566435767103803978885148772139305484319688249368999503784441507383476095946258011317951461, "e": 10, "n": 23976859589904419798320812097681858652325473791891232710431997202897819580634937070900625213218095330766877190212418023297341732808839488308551126409983193},
{"c": 6569689420274066957835983390583585286570087619048110141187700584193792695235405077811544355169290382357149374107076406086154103351897890793598997687053983, "e": 10, "n": 18503782836858540043974558035601654610948915505645219820150251062305120148745545906567548650191832090823482852604346478335353784501076761922605361848703623},
{"c": 4508246168044513518452493882713536390636741541551805821790338973797615971271867248584379813114125478195284692695928668946553625483179633266057122967547052, "e": 10, "n": 23383087478545512218713157932934746110721706819077423418060220083657713428503582801909807142802647367994289775015595100541168367083097506193809451365010723},
{"c": 22966105670291282335588843018244161552764486373117942865966904076191122337435542553276743938817686729554714315494818922753880198945897222422137268427611672, "e": 10, "n": 31775649089861428671057909076144152870796722528112580479442073365053916012507273433028451755436987054722496057749731758475958301164082755003195632005308493},
{"c": 17963313063405045742968136916219838352135561785389534381262979264585397896844470879023686508540355160998533122970239261072020689217153126649390825646712087, "e": 10, "n": 22246342022943432820696190444155665289928378653841172632283227888174495402248633061010615572642126584591103750338919213945646074833823905521643025879053949},
{"c": 1652417534709029450380570653973705320986117679597563873022683140800507482560482948310131540948227797045505390333146191586749269249548168247316404074014639, "e": 10, "n": 25395461142670631268156106136028325744393358436617528677967249347353524924655001151849544022201772500033280822372661344352607434738696051779095736547813043},
{"c": 15585771734488351039456631394040497759568679429510619219766191780807675361741859290490732451112648776648126779759368428205194684721516497026290981786239352, "e": 10, "n": 32056508892744184901289413287728039891303832311548608141088227876326753674154124775132776928481935378184756756785107540781632570295330486738268173167809047},
{"c": 8965123421637694050044216844523379163347478029124815032832813225050732558524239660648746284884140746788823681886010577342254841014594570067467905682359797, "e": 10, "n": 52849766269541827474228189428820648574162539595985395992261649809907435742263020551050064268890333392877173572811691599841253150460219986817964461970736553},
{"c": 13560945756543023008529388108446940847137853038437095244573035888531288577370829065666320069397898394848484847030321018915638381833935580958342719988978247, "e": 10, "n": 30415984800307578932946399987559088968355638354344823359397204419191241802721772499486615661699080998502439901585573950889047918537906687840725005496238621}]
n = []
C = []
for i in dic:
n.append(i["n"])
C.append(i["c"])
# for i in n:
# for j in n:
# if i == j:
# continue
# else:
# if gmpy2.gcd(i, j) != 1:
# print i, j
N = 1
for i in n:
N *= i
Ni = []
for i in n:
Ni.append(N / i)
T = []
for i in xrange(10):
T.append(long(gmpy2.invert(Ni[i], n[i])))
X = 0
for i in xrange(10):
X += C[i] * Ni[i] * T[i]
m10 = X % N
m = gmpy2.iroot(m10, 10)
print libnum.n2s(m[0])
4.最終得到flag:
flag{wo0_th3_tr4in_i5_leav1ng_g3t_on_it}
八、zip文件頭之爆破
題目描述:
我們剛剛攔截了,敵軍的文件傳輸獲取一份機密文件,請君速速破解
wirteup:
1.下載附件后,內容如下:
504B03040A0001080000626D0A49F4B5091F1E0000001200000008000000666C61672E7478746C9F170D35D0A45826A03E161FB96870EDDFC7C89A11862F9199B4CD78E7504B01023F000A0001080000626D0A49F4B5091F1E00000012000000080024000000000000002000000000000000666C61672E7478740A0020000000000001001800AF150210CAF2D1015CAEAA05CAF2D1015CAEAA05CAF2D101504B050600000000010001005A000000440000000000
很明顯,504B0304是zip文件的文件頭。
2.通過010 editor導入hex,然后保存為test.zip即可
3.同時也可以通過python腳本將十六進制轉成zip文件
# coding=utf-8
import struct
# test.txt即為輸入文件,test.zip即為輸出文件
file = open("test.txt", "r")
ss = file.read()
f = open("test.zip", "wb")
i = 0
while i < len(ss):
s = ss[i:i+2]
temp = int(s, 16)
f.write(struct.pack('B', temp))
i += 2
file.close()
f.close()
4.解壓test.zip,發現需要解壓密碼,通過ziperello對zip進行破解
5.通過輸入破解的密碼123456,解壓出壓縮文件,打開flag.txt,接口獲得flag
6.flag為:
daczcasdqwdcsdzasd
九、LFSR算法解密一
writeup:
1.下載得到一個文件 末尾添加.zip.解壓得到兩個文件一個key 一個加密的py文件
2. py分析
根據R=int(flag[5:-1],2)以及len(flag)==25推測flag為19個二進制位,暴力解出flag即可
lfsr這個算法經搜索可能是一個偽隨機測試碼產生器.
參考:https://www.anquanke.com/post/id/181811
3.python腳本獲取flag
def lfsr(R,mask):
output = (R << 1) & 0xffffff
i=(R&mask)&0xffffff
lastbit=0
while i!=0:
lastbit^=(i&1)
i=i>>1
output^=lastbit
return (output,lastbit)
mask = 0b1010011000100011100
key=open("key","rb").read()
for t in range(pow(2,19)):
R=t
get=0
for i in range(12):
tmp=0
for j in range(8):
(R,out)=lfsr(R,mask)
tmp=(tmp << 1)^out
if chr(tmp) != key[i]: break
if i == 11: get = 1
if get == 1:
print "flag{%19d}" % int(bin(t)[2:])
break
4.最終flag為:
flag{1110101100001101011}
十、LFSR算法解密二
writeup:
1.下載得到一個文件 末尾添加.zip.解壓得到兩個文件一個key 一個加密的py文件2.根據R=int(flag[5:-1],2)以及len(flag)==27推測flag為21個二進制位,暴力解出flag即可
3.修改上面的腳本進行爆破:
def lfsr(R,mask):
output = (R << 1) & 0xffffff
i=(R&mask)&0xffffff
lastbit=0
while i!=0:
lastbit^=(i&1)
i=i>>1
output^=lastbit
return (output,lastbit)
mask=0x100002
key=open("key","rb").read()
for t in range(pow(2,21)):
R=t
get=0
for i in range(12):
tmp=0
for j in range(8):
(R,out)=lfsr(R,mask)
tmp=(tmp << 1)^out
if chr(tmp) != key[i]: break
if i == 11: get = 1
if get == 1:
print "flag{%21d}" % int(bin(t)[2:])
break
最終flag:
flag{110111100101001101001}
十一、RAS解密
writup:
1.下載附件,解壓文件,得到一個文件名為cry200
https://adworld.xctf.org.cn/media/task/attachments/82f462a5eb8543899f11b46cbfb4d827.zip
2.通過命令file查看文件類型,得知是zip文件類型
3.將cry200重命名為 cry200.zip,並解壓得兩個文件:key.pem 和 cipher.bin
4.使用 RsaCtfTool 即可解密 工具使用命令: python3 RsaCtfTool.py --publickey key.pem --uncipherfile cipher.bin
或者腳本:
from Crypto.PublicKey import RSA
from Crypto.Util.number import *
from gmpy2 import *
import libnum
c=bytes_to_long(open('cipher.bin','rb').read())
key=RSA.importKey(open('key.pem').read())
n,e=key.n,key.e
#print(hex(n)[2:])
s=iroot(n+1,2)[0]
p=s-1
q=s+1
assert p*q==n and isPrime(p) and isPrime(q)
d=inverse(e,(p-1)*(q-1))
print(long_to_bytes(pow(c,d,n)))
5.最終得到flag:
flag{how_d0_you_7urn_this_0n?}
十二、RAS解密二
writup:
1.下載附件,解壓文件,得到一個文件名為cry300
https://adworld.xctf.org.cn/media/task/attachments/c9b973a1f7114c0486b0410536370380.zip
2.通過命令file查看文件類型,得知是zip文件類型
3.將cry300重命名為 cry300.zip,並解壓得兩個文件:ecb.bmp和 task.txt
4.根據task.txt背景描述:
Somebody leaked a still from the upcoming Happy Feet Three movie,
which will be released in 4K, but Warner Bros. was smart enough
to encrypt it. But those idiots used a black and white bmp format,
and that wasn't their biggest mistake. Show 'em who's boss and
get the flag.
5.根據背景介紹,原圖片應該是bmp格式,經ecb工作模式加密得ecb.bmp;由於ecb工作模式不會掩蓋明文的統計規律,
因此只要能夠修復ecb.bmp就可以見到明文,要修復ecb.bmp,則要求文件的前128字節為bmp文件格式特有的字節
6.嘗試直接打開BMP文件失敗,可能是因為它以某種方式加密了:
7.通過winhex查看文件開頭的十六進制,並沒有發現BMP頭。取而代之的是字符串“ Salted__”的十六進制。
該字符串暗示數據已使用OpenSSL加密。opnnssl的“Salted__”之后的8個字節是 salt(ab 31 b5 e5 ca 3d b9 4d):
文件的其余部分是加密數據。根據題目名稱(ecb,_it’s_easy_as_123),它可能已使用ECB進行了加密。Linux penguin Tux位圖圖像,
就是使用了ECB對其進行加密,以說明相同的明文塊被加密為相同的密文塊。對於具有大量重復數據塊的明文,明文中的模式在密文中仍然可以識別:
8.如果我們可以將加密的數據轉換為有效的BMP,則由於有了ECB的屬性,我們應該能夠從未加密的BMP中找到flag
通過BMP文件格式標准,可以用一個有效的BMP頭替換OpenSSL字符串+8字節salt,那么就足以打開文件了
需要確定:
- 位圖的寬度和高度
- 每個像素的位數
根據task.txt文本描述圖像的分辨率為 4k,因此尺寸將為3840 x 2160或4096 x2160。我們可以嘗試兩者。
根據BMP規范,每個像素的位數可以是1、2、4、8、16、24或32。我們也可以嘗試其中的每一種。
可以使用winhex刪除前16個字節 ecb.bmp(“ OpenSSL __” + 8個字節salt)並替換BMP頭:
Hex
Value
Description
42 4D
"BM"
Magic number (unsigned integer 66, 77)
76 90 7e 00
8294518 bytes (118+8294400)
Size of the BMP file (8294400 = 3840x2160)
00 00
Unused
Application specific
00 00
Unused
Application specific
76 00 00 00
118 bytes (78+40)
Offset where the pixel array (bitmap data) can be found
28 00 00 00
40 bytes
Number of bytes in the DIB header (from this point)
00 0f 00 00
3840
Width of the bitmap in pixels
70 08 00 00
2160
Height of the bitmap in pixels
01 00
1 plane
Number of color planes being used
04 00
4 bits
Number of bits per pixel
00 00 00 00
0
BI_RGB, no pixel array compression used
00 90 7e 00
8294400 bytes
Size of the raw bitmap data (including padding)
00 00 00 00
0 pixels/meter horizontal
Print resolution of the image,
00 00 00 00
0 pixels/meter vertical
(don't care about printing)
00 00 00 00
0 colors
Number of colors in the palette
00 00 00 00
0 important colors
0 means all colors are important
9.將下面的十六進制刪除
53 61 6c 74 65 64 5f 5f ab 31 b5 e5 ca 3d b9 4d
f4 09 1a a5 df 88 b7 2c 0e bd 8a 73 98 15 ba 69
a2 24 3e 09 94 cb 79 1e ea a1 ad 33 c8 17 66 63
78 98 23 0b f0 af 20 38 f1 aa 0b f4 69 1c ec cf
fc d8 8e 3d 45 2a 99 b0 53 6b 50 0d 8a 3d c4 b7
62 9c 6a 54 f0 59 20 13 22 4f b6 e2 b6 aa 0a 8b
5e 21 1a 9d cf 8c a2 f6 45 80 cb 9b b7 37 da 7f
73 50 88 cb df 63 ee 22 d4 24 b3 b9 f4 24 ad 40
然后再添加以下BMP字符:
424d 7648 3f00 0000 0000 7600 0000 2800
0000 000f 0000 7008 0000 0100 0400 0000
0000 0048 3f00 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 8000 0080
0000 0080 8000 8000 0000 8000 8000 8080
0000 8080 8000 c0c0 c000 0000 ff00 00ff
0000 00ff ff00 ff00 0000 ff00 ff00 ffff
0000 ffff ff00 ffff ffff ffff ffff ffff
10.將ecb.bmp的前128字節替換為bmp文件格式特有的字節,則可以見到明文信息,實現的Python腳本如下:
from
Crypto.Util.number
import
long_to_bytes
with
open
(
'ecb.bmp'
,
'rb'
)
as
f: data=f.read() pre=
0x424d76483f00000000007600000028000000000f000070080000010004000000000000483f00000000000000000000000000000000000000000000008000008000000080800080000000800080008080000080808000c0c0c0000000ff0000ff000000ffff00ff000000ff00ff00ffff0000ffffff00ffffffffffffffffffffL
out=long_to_bytes(pre)+data[
128
:]
with
open
(
'out.bmp'
,
'wb'
)
as
g: g.write(out)
g
11.最終得到falg:
flag{no_penguin_here}
十三、仿射密碼
基礎知識:
MZYVMIWLGBL7CIJOGJQVOA3IN5BLYC3NHI IJEVIU2DKRDA
====
M解密兩次對應的都是I,不同的字母對應的都是不同的解密字母,那么猜測可能是根據某種規則進行了字母替換。
對字母表進行編碼:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 2 3 4 5 6 7
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
則有:
3 -> 11
4 -> 24
8 -> 12
20 -> 8
21 -> 21
25 -> 9
26 -> 22
5.那么,觀察可得,這是仿射密碼,這種密碼相關介紹見:https://blog.csdn.net/x_yhy/article/details/83756908
仿射密碼的a = 13和b = 4,對應表如下:
#coding:utf-8
#仿射密碼解密
#改進歐幾里得算法求線性方程的x與y
def get(a, b):
if b == 0:
return 1, 0
else:
k = a //b
remainder = a % b
x1, y1 = get(b, remainder)
x, y =y1, x1 - k * y1
return x, y
s = input("請輸入解密字符:").upper()
a = int(input("請輸入a:"))
b = int(input("請輸入b:"))
#求a關於26的乘法逆元
x, y = get(a, 26)
a1 = x % 26
l= len(s)
for i in range(l):
cipher = a1 * (ord(s[i])- 65 - b) % 26
res=chr(cipher + 65)
print(res, end='')
from base64 import b32decode
def solve():
s='MZYVMIWLGBL7CIJOGJQVOA3IN5BLYC3NHI'
dic='ABCDEFGHIJKLMNOPQRSTUVWXYZ234567'
msg=''.join([dic[(5*dic.find(x)+12)%32] for x in s])
return b32decode(msg+'='*(8-len(msg)%8))
if __name__=='__main__':
#python solve.py
print solve()
BITSCTF{S2VyY2tob2Zm}
十四、RAS弱加密
writup:
1.下載附件,解壓文件,得到一個文件名為bf930316910b451c94c41ce8a9d851a8文件
https://adworld.xctf.org.cn/media/task/attachments/bf930316910b451c94c41ce8a9d851a8.gz
2.通過命令file查看文件類型,得知是tar文件類型
3.將其重命名為ras.tar ,並解壓得兩個文件:flag.b64和key.pub
4.分部對key.pub和flag.64的進行查看,其內容都是經過base64加密
注意:顯然在第一個文件中,flag經過base64加密,跑腳本時要記得給其解密
5.利用 openssl來查看 key.pub,分別計算得到p和q
root@kali:/opt/RsaCtfTool# openssl rsa -pubin -text -modulus -in key.pub
RSA Public-Key: (399 bit)
Modulus:
52:a9:9e:24:9e:e7:cf:3c:0c:bf:96:3a:00:96:61:
77:2b:c9:cd:f6:e1:e3:fb:fc:6e:44:a0:7a:5e:0f:
89:44:57:a9:f8:1c:3a:e1:32:ac:56:83:d3:5b:28:
ba:5c:32:42:43
Exponent: 65537 (0x10001)
Modulus=52A99E249EE7CF3C0CBF963A009661772BC9CDF6E1E3FBFC6E44A07A5E0F894457A9F81C3AE132AC5683D35B28BA5C324243
writing RSA key
-----BEGIN PUBLIC KEY-----
ME0wDQYJKoZIhvcNAQEBBQADPAAwOQIyUqmeJJ7nzzwMv5Y6AJZhdyvJzfbh4/v8
bkSgel4PiURXqfgcOuEyrFaD01soulwyQkMCAwEAAQ==
-----END PUBLIC KEY-----
得到 :
e = 65537
n (hex)= 52A99E249EE7CF3C0CBF963A009661772BC9CDF6E1E3FBFC6E44A07A5E0F894457A9F81C3AE132AC5683D35B28BA5C324243(十六進制)
https://tool.lu/hexconvert/
n(10)= 833810193564967701912362955539789451139872863794534923259743419423089229206473091408403560311191545764221310666338878019(十進制)
分解大數n,得到p、q
p = 863653476616376575308866344984576466644942572246900013156919 q = 965445304326998194798282228842484732438457170595999523426901
6.通過腳本對其進行解密#coding:utf-8
import gmpy2
import rsa
from base64 import b64decode
p = 863653476616376575308866344984576466644942572246900013156919
q = 965445304326998194798282228842484732438457170595999523426901
n = 833810193564967701912362955539789451139872863794534923259743419423089229206473091408403560311191545764221310666338878019
e = 65537
d = int(gmpy2.invert(e,(p-1)*(q-1)))
privatekey = rsa.PrivateKey(n,e,d,p,q)
with open("flag.b64","rb") as f:
str = b64decode(f.read())
print(rsa.decrypt(str,privatekey).decode())
7.最終得到flag:
ALEXCTF{SMALL_PRIMES_ARE_BAD}
十五、pdf之ROT13編碼
writeup:
1.下載附件pdf,通過閱讀器查看,發現文件無法查看
https://adworld.xctf.org.cn/media/task/attachments/9e45191069704531accd66f1ee1d5b2b.pdf
2.通過file命令查看文件類型
file flag.pdf
3.通過winhex查看文件,發現文件頭是以:%CQS-1.5.格式開頭(正常的pdf文件頭部是%PDF-1.x數字開頭)
4.通過ctfcrackt00ls工具對PDf關鍵字進行ROT13進行編碼,可以看到得到CQS,正好是flag.pdf格式開頭的
5.通過上述描述,進行rot13解密,得到解密后的pdf文件
cat flag.pdf | tr 'A-Za-z' 'N-ZA-Mn-za-m' > flags.pdf
6.打開pdf文件,發現部門內容被遮擋了
7.通過pdftohtml工具將其覆蓋的文件轉換成html
8.最終得到flag:BITSCTF{save_the_kid}
十六、維吉尼亞密碼
基礎知識:
維吉尼亞密碼是使用一系列凱撒密碼組成密碼字母表的加密算法,屬於多表密碼的一種簡單形式.
加密原理:
維吉尼亞密碼的前身,是我們熟悉的凱撒密碼。凱撒密碼的加密方式是依靠一張字母表中的每一個字母做一定的偏移。密文生成過程中,其偏移量相等。
而升級版的維吉尼亞密碼則是在原有基礎上,讓相等偏移量變為不等的偏移量。以給出的密鑰來確定密文的偏移量。在一定程度上,加大了解密的難度。
當然原理還是一致的,都是依靠偏移量進行加密。
這是一張用於加密的字母表。
比如給出的 明文是 HELLO 假定給的關鍵詞是 JLAY ,那么對應的密鑰便為:JLAYJ
那么對其進行加密,如圖:H對應J行的是Q,E對應L行的是P,以此類推。最后得到的密文變為:QPLJX
writeup:
1.下載附件,根據題目提示是維吉利亞密碼,查看文本內容如下
https://adworld.xctf.org.cn/media/task/attachments/429b7c1947d44bc4b7e62270d0fee6b3.zip
2.通過在線維吉尼亞解密網站對其進行解密,可以得到加密key為:icqvigenere
https://www.guballa.de/vigenere-solver
3.在result解密文本中搜索關鍵字flag,可得到 flag, '{' and 'vigenereisveryeasyhuh' and '}'
4.那么進行簡化和去掉字符最終得到flag:
flag{vigenereisveryeasyhuh}
十七、base64編碼之RSA解密
writeup:
方法一:
1.下載附件,可以看到RSA私鑰上面的部分被屏蔽了請恢復私鑰並解密文件,附件給出私鑰編碼的截圖,但是只能看見最后5行
附件下載:https://adworld.xctf.org.cn/media/task/attachments/92d8c7449d614543a0f9da8f05e39bbe.zip
2.OpenSSL私鑰結構
私鑰信息按如下順序排列:
version | pad | n | pad | e | pad | d | pad | p | pad | q | pad | x1 | pad | x2 | pad | x3
其中,pad是填充信息,各pad並不同,x1=d mod (p−1),x2=d mod (q−1),x3=p−1 mod qx1=d mod (p−1),x2=d mod (q−1),x3=p−1 mod q,填充pad用來注釋接下來的大數的(字節)長度,\x02為pad開頭的標記,有時后面接\x81或\x82,這用來標記長度值所占用的字節(\x81代表占用1個字節,\x82代表占用2個字節),有時后面不接\x81或\x82而直接放置長度;
例:\x02\x03代表接下來的大數的字節長度為3個字節;\x02\x81\x80,首先,\x81代表長度占用1個字節,因此\x80就是長度值,即128,表明接下來的大數的字節長度為128個字節。
將私鑰信息按照上述順序排列好之后,再進行base64編碼
3.利用已知信息恢復私鑰
截圖可見編碼為:
Os9mhOQRdqW2cwVrnNI72DLcAXpXUJ1HGwJBANWiJcDUGxZpnERxVw7s0913WXNtV4GqdxCzG0pG5EHThtoTRbyX0aqRP4U/hQ9tRoSoDmBn+3HPITsnbCy67VkCQBM4xZPTtUKM6Xi+16VTUnFVs9E4rqwIQCDAxn9UuVMBXlX2Cl0xOGUF4C5hItrX2woF7LVS5EizR63CyRcPovMCQQDVyNbcWD7N88MhZjujKuSrHJot7WcCaRmTGEIJ6TkU8NWt9BVjR4jVkZ2EqNd0KZWdQPukeynPcLlDEkIXyaQx
解碼后結合OpenSSL私鑰結構分析可得:x1,x2,x3為已知;但是僅有x1,x2,x3並不能恢復出p,q與d,若我們假設e為常用的指數3,65537等等,則可試出p與q:
d⋅e≡1 mod (p−1)(q−1)d⋅e≡1 mod (p−1)(q−1)
則有d⋅e≡1 mod (p−1)d⋅e≡1 mod (p−1)與d⋅e≡1 mod (q−1)d⋅e≡1 mod (q−1);
由x1x1與x2x2的定義可得x1⋅e≡1 mod (p−1)x1⋅e≡1 mod (p−1),x2⋅e≡1 mod (q−1)x2⋅e≡1 mod (q−1);
因此(p−1)|(x1⋅e−1)(p−1)|(x1⋅e−1);
記x1⋅e−1=r1⋅(p−1)x1⋅e−1=r1⋅(p−1);
由於x1=d mod (p−1)x1=d mod (p−1),則x1<(p−1)x1<(p−1);
幾乎可以看做x1⋅e=r1⋅(p−1)x1⋅e=r1⋅(p−1),那么必有r1<er1<e;
同理可得r2<er2<e,其中x2⋅e−1=r2⋅(q−1)x2⋅e−1=r2⋅(q−1)
可以看到,ri<e,i=1,2ri<e,i=1,2,從而可使用試除法求出ri,i=1,2ri,i=1,2;
則p=(x1⋅e−1)/r1+1,q=(x2⋅e−1)/r2+1p=(x1⋅e−1)/r1+1,q=(x2⋅e−1)/r2+1;
4.解題
實現的Python腳本如下:
from
Crypto.Util.number
import
bytes_to_long,isPrime,inverse
from
Crypto.PublicKey
import
RSA
from
Crypto.Cipher
import
PKCS1_v1_5
def genKey(X1,X2,X3):
e=
65537L
N1=X1*e
-1
N2=X2*e
-1
for
r
in
range
(e):
if
N1%(e-r)==
0
: p=N1/(e-r)+
1
if
isPrime(p):
break
for
r
in
range
(e):
if
N2%(e-r)==
0
: q=N2/(e-r)+
1
if
isPrime(q):
break
N=p*q phi=(p
-1
)*(q
-1
) d=inverse(e,phi)
assert
inverse(q,p)==X3
return
RSA.construct((N,e,long(d),p,q))
def solve():
X1=bytes_to_long(
'\xd5\xa2%\xc0\xd4\x1b\x16i\x9cDqW\x0e\xec\xd3\xddwYsmW\x81\xaaw\x10\xb3\x1bJF\xe4A\xd3\x86\xda\x13E\xbc\x97\xd1\xaa\x91?\x85?\x85\x0fmF\x84\xa8\x0e`g\xfbq\xcf!;\'l,\xba\xedY'
) X2=bytes_to_long(
'\x138\xc5\x93\xd3\xb5B\x8c\xe9x\xbe\xd7\xa5SRqU\xb3\xd18\xae\xac\x08@ \xc0\xc6\x7fT\xb9S\x01^U\xf6\n]18e\x05\xe0.a"\xda\xd7\xdb\n\x05\xec\xb5R\xe4H\xb3G\xad\xc2\xc9\x17\x0f\xa2\xf3'
) X3=bytes_to_long(
'\xd5\xc8\xd6\xdcX>\xcd\xf3\xc3!f;\xa3*\xe4\xab\x1c\x9a-\xedg\x02i\x19\x93\x18B\t\xe99\x14\xf0\xd5\xad\xf4\x15cG\x88\xd5\x91\x9d\x84\xa8\xd7t)\x95\x9d@\xfb\xa4{)\xcfp\xb9C\x12B\x17\xc9\xa41'
) rsa_key=genKey(X1,X2,X3) key= PKCS1_v1_5.new(rsa_key)
with
open
(
'flag.enc'
,
'rb'
)
as
f:
return
key.decrypt(f.read(),
''
)
if
__name__==
'__main__'
:
print
solve()[:
-1
]
注:這里之所以猜測e為65537而不是3是因為
ri<e,i=1,2
,如果e=3可能情況太少。
程序運行結果如下:
$ python solve.py
5.最終得到flag:
0ctf{Keep_ca1m_and_s01ve_the_RSA_Eeeequati0n!!!}
方法二:
1.已給出部分解密,
先把已給出部分進行base64解密
# -*- coding: utf-8 -*-
import base64
import binascii
a = """Os9mhOQRdqW2cwVrnNI72DLcAXpXUJ1HGwJBANWiJcDUGxZpnERxVw7s0913WXNt
V4GqdxCzG0pG5EHThtoTRbyX0aqRP4U/hQ9tRoSoDmBn+3HPITsnbCy67VkCQBM4
xZPTtUKM6Xi+16VTUnFVs9E4rqwIQCDAxn9UuVMBXlX2Cl0xOGUF4C5hItrX2woF
7LVS5EizR63CyRcPovMCQQDVyNbcWD7N88MhZjujKuSrHJot7WcCaRmTGEIJ6TkU
8NWt9BVjR4jVkZ2EqNd0KZWdQPukeynPcLlDEkIXyaQx"""
print binascii.hexlify(base64.b64decode(a))
得到:
3acf6684e41176a5b673056b9cd23bd832dc017a57509d471b024100d5a225c0d41b16699c4471570eecd3dd7759736d5781aa7710b31b4a46e441d386da1345bc97d1aa913f853f850f6d4684a80e6067fb71cf213b276c2cbaed5902401338c593d3b5428ce978bed7a553527155b3d138aeac084020c0c67f54b953015e55f60a5d31386505e02e6122dad7db0a05ecb552e448b347adc2c9170fa2f3024100d5c8d6dc583ecdf3c321663ba32ae4ab1c9a2ded6702691993184209e93914f0d5adf415634788d5919d84a8d77429959d40fba47b29cf70b943124217c9a431
2.rsa私鑰格式解析
標簽頭 3082025c(4 bytes) 類型為SEQUENCE 后接 604 bytes 020100 INTEGER 長度為0 內容為:VERSION 028181 INTEGER 長度為129 bytes 內容為: n(modulus) 0203 INTEGER 長度為3 bytes 內容為: e(publicExponent) 028180 INTEGER 長度為128 bytes 內容為: d(privateExponent) 0241 INTEGER 長度為65 bytes 內容為: p(prime1) 0241 INTEGER 長度為65 bytes 內容為: q(prime2) 0240 INTEGER 長度為64 bytes 內容為: d mod(p-1) exponent1 0240 INTEGER 長度為 64 bytes 內容為: d mod (q-1) exponent2 0241 INTEGER 長度為65 bytes 內容為: q -1 mod p coefficient
3.那么根據關鍵的標簽頭進行划分之后,可以得到:
3acf6684e41176a5b673056b9cd23bd832dc017a57509d471b 0241//d mod(p-1) exponent1 00d5a225c0d41b16699c4471570eecd3dd7759736d5781aa7710b31b4a46e441d386da1345bc97d1aa913f853f850f6d4684a80e6067fb71cf213b276c2cbaed59 0240//d mod (q-1) exponent2 1338c593d3b5428ce978bed7a553527155b3d138aeac084020c0c67f54b953015e55f60a5d31386505e02e6122dad7db0a05ecb552e448b347adc2c9170fa2f3 0241//q -1 mod p coefficient 00d5c8d6dc583ecdf3c321663ba32ae4ab1c9a2ded6702691993184209e93914f0d5adf415634788d5919d84a8d77429959d40fba47b29cf70b943124217c9a431
因為:
e * dp == 1 (mod (p-1)) = d mod (p-1)
e * dq == 1 (mod (q-1)) = d mod (q-1)
q * qi == 1 (mod p) = q^-1 mod p
所以:
(e * dp -1)/k +1 == (p)
(e * dq -1)/j +1 == (q)
(q * qi -1)/l == (p)
4.腳本破解pq:
# -*- coding: utf-8 -*-
import gmpy2
d_p = 0xd5a225c0d41b16699c4471570eecd3dd7759736d5781aa7710b31b4a46e441d386da1345bc97d1aa913f853f850f6d4684a80e6067fb71cf213b276c2cbaed59
d_q = 0x1338c593d3b5428ce978bed7a553527155b3d138aeac084020c0c67f54b953015e55f60a5d31386505e02e6122dad7db0a05ecb552e448b347adc2c9170fa2f3
e = 65537
for k_p in range(1, e):
if (e*d_p - 1) % k_p == 0:
p = (e*d_p - 1) / k_p + 1
if gmpy2.is_prime(p):
print '[p] {}'.format(p)
break
for k_q in range(1, e):
if (e*d_q - 1) % k_q == 0:
q = (e*d_q - 1) / k_q + 1
if gmpy2.is_prime(q):
print '[q] {}'.format(q)
break
得到:
[p] 12883429939639100479003058518523248493821688207697138417834631218638027564562306620214863988447681300666538212918572472128732943784711527013224777474072569
[q] 12502893634923161599824465146407069882228513776947707295476805997311776855879024002289593598657949783937041929668443115224477369136089557911464046118127387
5.通過腳本解密:
6.最終得到flag:
0ctf{Keep_ca1m_and_s01ve_the_RSA_Eeeequati0n!!!}
十八、RSA256解密
writeup:
1.下載附件,解壓文件,得到一個文件名為8eec4a4af1e14eb08648c8fda7660a0f文件
https://adworld.xctf.org.cn/media/task/attachments/8eec4a4af1e14eb08648c8fda7660a0f.gz
2.通過命令file查看文件類型,得知是tar文件類型
3.將其重命名為ras256.tar ,並解壓得兩個文件:
fllllllag.txt和gy.key
4.給出了公鑰文件gy.key和密文文件fllllllag.txt,就是常規的RSA解密,有多種方法
方法一:利用RsaCtfTool工具(kali虛擬機中)
已知公鑰(自動求私鑰)—publickey,密文—uncipherfile
命令:python3 RsaCtfTool.py --publickey 公鑰文件 --uncipherfile 加密的文件
方法二:利用公鑰文件用openssl工具解出e、n,然后python3腳本解出明文
1、解出e、n
方式1:
打開kali虛擬機,用openssl解出e、n
命令:
openssl rsa -pubin -in gy.key -text -modulus
e為65537,n還比較短,用python先轉換成10進制
方式2:
用腳本從公鑰文件中解出n、e
# -*- coding: cp936 -*-
from Crypto.PublicKey import RSA
#1.從公鑰文件中分解n和e
public_key = RSA.importKey(open(r"C:\Users\backlion\Desktop\8eec4a4af1e14eb08648c8fda7660a0f\ras256\RSA256\gy.key",'rb').read())
n = public_key.n
e = public_key.e
print('N:',n)
print('E:',e)
獲取模數(Modulus) N=76775333340223961139427050707840417811156978085146970312315886671546666259161(0xA9BD4C7A7763370A042FE6BEC7DDC841602DB942C7A362D1B5D372A4D08912D9)
公鑰指數(Exponent)e=65537 (0x10001)
5.對n進行因數分解
方式1:登錄網站http://factordb.com/,解出p和q
方式2:使用yafu工具
(常用於比較大的整數分解)自動整數因式分解,在RSA中,當p、q的取值差異過大或過於相近的時候,使用yafu可以快速的把n值分解出p、q值!
用法:
yafu-x64.exe factor(76775333340223961139427050707840417811156978085146970312315886671546666259161)
6.到此,已經獲取到RSA的全部參數
p = 273821108020968288372911424519201044333
q = 280385007186315115828483000867559983517
n=76775333340223961139427050707840417811156978085146970312315886671546666259161
e=65537
7.使用python代碼解出明文
import gmpy2
import rsa
p = 273821108020968288372911424519201044333
q = 280385007186315115828483000867559983517
n = 76775333340223961139427050707840417811156978085146970312315886671546666259161
e = 65537
d = int(gmpy2.invert(e , (p-1)*(q-1)))
privatekey = rsa.PrivateKey(n , e , d , p , q)
with open("fllllllag.txt" , "rb") as f:
print(rsa.decrypt(f.read(), privatekey).decode())
最終得到flag:
flag{2o!9CTFECUN}
十九、rot13置換編碼
1.下載附件,解壓壓縮文件,通過記事本打開
里面包含密文:
XMVZGC RGC AMG RVMG HGFGMQYCD VT VWM BYNO, NSVWDS NSGO RAO XG UWFN AF HACDGMVWF. AIRVFN AII AMG JVRRVC-XVMC, FYRBIG TVIZ ESV SAH CGQGM XGGC RVMG NSAC A RYIG TMVR NSG SVWFG ESGMG NSGO EGMG XVMC WCNYI NSG HAO FVRG IVMH JARG MVWCH NVdeFAL NAZG NSGR VTT NV EAM. OVWM TIAD YF "CV NSYF YF CVN JMOBNV RO HGAM", YC IVEGMJAFG, EYNS WCHGMFJVMGF YCFNGAH VT FBAJGF, FWMMVWCHGH XO NSG WFWAI "TIAD" NAD ACH JWMIO XMAJGF. GCUVO.
這段字符串被替代密碼加密。這個加密方法是把一些字母用另外一些字母替換。
2.
由題目名稱safer-than-rot13,先對密文進行rot13置換(這里通過ctfcracktools工具中的rot13解碼),看不出任何邏輯。
3。用在線解密解密quipqiup.com(http://quipqiup.com/)
4.得出解碼:
BROKEN MEN ARE MORE DESERVING OF OUR PITY, THOUGH THEY MAY BE JUST AS DANGEROUS.
ALMOST ALL ARE COMMON-BORN, SIMPLE FOLK WHO HAD NEVER BEEN MORE THAN A MILE FROM THE HOUSE WHERE THEY WERE BORN UNTIL THE DAY SOME LORD CAME ROUND TO TAKE THEM OFF TO WAR.
YOUR
FLAG IS "NO THIS IS NOT CRYPTO MY DEAR"
, IN LOWERCASE, WITH UNDERSCORES INSTEAD OF SPACES, SURROUNDED BY THE USUAL "FLAG" TAG AND CURLY BRACES. ENJOY.
5.或者通過命令置換得到:
cat cry100 | tr A-Za-z N-ZA-Mn-za-m > dec100
6.簡單翻譯如下 破碎的人更值得我們同情,盡管他們可能同樣危險。幾乎所有的人都是普通的,簡單的人, 他們從來沒有離開過他們出生的房子超過一英里,直到有一天上帝來帶他們去打仗。你的 FLAG 是“NO THIS IS NOT CRYPTO MY DEAR”,小寫,用下划線代替空格,周圍是通常的 “FLAG”標簽和大括號。享受吧。 7.可根據文意解最終得到flag: no_this_is_not_crypto_my_dear
二十、工控流量分析
題目:
有黑客入侵了工控設備后再內網發起大量掃描,而且掃描次數不止一次。分析日志指出第四次發起掃描時數據包的編號,flag形式為{}
題目附件連接:https://adworld.xctf.org.cn/media/task/attachments/57971150970f41609af811c73d8d8aac.zip
writeup:
1.下載附件,並解壓得到文件capture.log
2.利用linux 的file命令查看日志文件屬性,發現capture.log被出題者故意篡改過,對解題人進行迷惑。可以看到是pcap流量文件類型。
3.將文件名重命名為capture.pcap ,利用wireshark工具查看內容,分析流量包發現存在ICMP、TCP、UDP協議的流量包,其中IP地址192.168.0.9向IP地址192.168.0.99發送大量的TCP請求,
每次發送TCP請求是,會先進行一次ICMP的Ping請求.
3.發現數據報文有多個ip都對192.168.0.99目標機器進行掃描,分別為192.168.0.9、192.168.0.1、192.168.0.254、192.168.0.199,它們共同特點是每次發起端口掃描時候,
先進行ping操作,在wireshark中過濾出ICMP的數據包進行分析,嘗試提交第四次發起掃描第一個報文編號155989,Flag為155989
4.最終得到flag:
flag{155989}
基礎知識:
1.有限域GF(2^n)
構造有限域GF(2^n)時,首先需要GF(2)上次數為n的本原多項式g(x);對於GF(2^n)上的每個元素a,都可以用一個次數不超過n的多項式fa
表示:fa(x)=∑n−1i=0ai⋅xi
,其中an−1⋯a0
是a的二進制表示;從而GF(2^n)上的四則運算定義如下:
- 加法:對於a,b∈GF(2n)
,它們的多項式表示分別為fa,fb
,記fc=fa+fb
(其中系數的加法為GF(2)上的加法,即異或運算),則cn−1⋯c0
的二進制值c為a+b的值;
- 減法:由於GF(2)上的加法與減法等價,因此對於a,b∈GF(2n)
,a+b=a-b;
- 乘法:同樣地,a,b的多項式表示fa,fb
,記fc=fa⋅fb mod g
,由於多項式g
的次數為n,故多項式fc
的次數不超過n,則cn−1⋯c0
的二進制值c為a⋅b
的值;
- 除法:先介紹(乘法)逆元,本原多項式是一種具有特殊性質的不可約多項式,對GF(2)上任意次數不超過n的多項式f,都存在GF(2)上次數不超過n的多項式h,使得f⋅h≡1 mod g
;與f作除法等價於與f的逆元h作乘法;
2. process(m,k)
考慮t2,t∈GF(2256)
,構造GF(2256)
的本原多項式為g=x256+x10+x5+x2+1
,記t的二進制表示為tn−1⋯t0
,則t的多項式表示ft(x)=∑n−1i=0ti⋅xi=(((tn−1⋅x+tn−2)⋅x+⋯+t1)⋅x+t0)
,考慮t2
:
f2t mod g
我們再來對比函數process(m,k):
def process(m, k): tmp = m ^ k res = 0 for i in bin(tmp)[2:]: res = res << 1; if (int(i)): res = res ^ tmp if (res >> 256): res = res ^ P return res
res=res<<1代表乘以x,多項式的系數全體左移一位;
if (int(i)):res^=tmp等價於res^=int(i)*tmp,代表
;
if (res>>256):res^=P代表模本原多項式g;
綜上,process(m,k)實際上實現了GF(2^256)上的元素m與k之和的平方
;
3.解密過程
(在GF(2^256)上的運算)
,其中
已知
則
,可解出secret:
(在GF(2^256)上的運算)
接下來解出
:
(在GF(2^256)上的運算)
然后解出flag(即
):
writeup:
1.下載附件,對壓縮包進行解壓,含有兩個文件:oneTimePad.py和 ciphertext
其中
oneTimePad.py是加密腳本,ciphertext為密文,密文內容為:
af3fcc28377e7e983355096fd4f635856df82bbab61d2c50892d9ee5d913a07f
630eb4dce274d29a16f86940f2f35253477665949170ed9e8c9e828794b5543c
e913db07cbe4f433c7cdeaac549757d23651ebdccf69d7fbdfd5dc2829334d1b
2.對python 代碼進行分析,了解運算流程:
#!/usr/bin/env python
# coding=utf-8
from os import urandom
def process(m, k):
tmp = m ^ k
res = 0
for i in bin(tmp)[2:]:
res = res << 1;
if (int(i)):
res = res ^ tmp
if (res >> 256):
res = res ^ P
return res
def keygen(seed):
key = str2num(urandom(32))
while True:
yield key
key = process(key, seed)
def str2num(s):
return int(s.encode('hex'), 16)
P = 0x10000000000000000000000000000000000000000000000000000000000000425L
true_secret = open('flag.txt').read()[:32]
assert len(true_secret) == 32
print 'flag{%s}' % true_secret
fake_secret1 = "I_am_not_a_secret_so_you_know_me"
fake_secret2 = "feeddeadbeefcafefeeddeadbeefcafe"
secret = str2num(urandom(32))
generator = keygen(secret)
ctxt1 = hex(str2num(true_secret) ^ generator.next())[2:-1]
ctxt2 = hex(str2num(fake_secret1) ^ generator.next())[2:-1]
ctxt3 = hex(str2num(fake_secret2) ^ generator.next())[2:-1]
f = open('ciphertext', 'w')
f.write(ctxt1+'\n')
f.write(ctxt2+'\n')
f.write(ctxt3+'\n')
f.close()
因此這里的關鍵是 process 函數,只要能夠通過 process 的輸出求輸入:
- process(key2, seed) 已知,通過輸出求輸入,得到 a1 = key2 ^ seed
- key2 已知,∴ seed = a1 ^ key2
- process(key, seed) 已知,通過輸出求輸入,得到 a2 = key ^ seed
- seed 已知,∴ key = a2 ^ seed
- ctxt1、key 已知,且 ctxt1 = true_secret ^ key,∴ true_secret = ctxt1 ^ key
- true_secret 就是 flag
3.通過嘗試,發現將 process 的輸出作為輸入(m ^ k)運算 256 輪,最終結果與最初輸入相同,因此我們可以寫出 process 的反函數 arcprocess
4.通過解密腳本進行解密:
P = P = 0x10000000000000000000000000000000000000000000000000000000000000425
def load_file(filename):
content = []
with open(filename, 'r') as fp:
for line in fp.readlines():
content.append(int('0x' + line[:-1], 16))
return content
def str2num(s):
ans = 0
for c in s:
ans <<= 8
ans += ord(c)
return ans
def num2str(n):
s = ''
while n:
s += chr(n & 0xff)
n >>= 8
return s[::-1]
def bbencode(n):
a = 0
for i in bin(n)[2:]:
a <<= 1
if int(i):
a ^= n
if a >> 256:
a ^= P
return a
def process(m, k):
tmp = m ^ k
res = 0
for i in bin(tmp)[2:]:
res <<= 1
if int(i):
res ^= tmp
if res >> 256:
res ^= P
return res
fake_secret1 = "I_am_not_a_secret_so_you_know_me"
fake_secret2 = "feeddeadbeefcafefeeddeadbeefcafe"
if __name__ == "__main__":
cipherText = load_file('ciphertext')
key1 = str2num(fake_secret1) ^ cipherText[1]
key2 = str2num(fake_secret2) ^ cipherText[2]
temp = key2
for i in range(255):
temp = bbencode(temp)
seed = temp ^ key1
assert process(key1, seed) == key2
temp = key1
for i in range(255):
temp = bbencode(temp)
key = temp ^ seed
plainText = cipherText[0] ^ key
print(num2str(plainText))
5.最終得到flag:
二十一、異或加密
基礎知識:
XOR 加密詳細介紹:
https://www.ruanyifeng.com/blog/2017/05/xor.html
異或加密特性:
1 兩個值相同時, 返回 false, 否則返回 true .
2 如果對一個值連續做兩次 XOR, 會返回這個值本身.
3 加密應用:
假設原始信息是 message, 密鑰是 key, 第一次 XOR 會得到加密文本 cipherText. 對方拿到以后, 再用 key 做一次 XOR 運算, 就會還原得到 message.
4 一次性密碼本 one-time pad https://en.wikipedia.org/wiki/One-time_pad (OTP):
key 的長度大於等於 message
key 必須是一次性的, 且每次都要隨機產生
滿足上述兩個條件, 即稱為 OTP
writeup:
題目附件:
0529242a631234122d2b36697f13272c207f2021283a6b0c7908
2f28202a302029142c653f3c7f2a2636273e3f2d653e25217908
322921780c3a235b3c2c3f207f372e21733a3a2b37263b313012
2f6c363b2b312b1e64651b6537222e37377f2020242b6b2c2d5d
283f652c2b31661426292b653a292c372a2f20212a316b283c09
29232178373c270f682c216532263b2d3632353c2c3c2a293504
613c37373531285b3c2a72273a67212a277f373a243c20203d5d
243a202a633d205b3c2d3765342236653a2c7423202f3f652a18
2239373d6f740a1e3c651f207f2c212a247f3d2e65262430791c
263e203d63232f0f20653f207f332065262c3168313722367918
2f2f372133202f142665212637222220733e383f2426386b
1.利用一些用同個密鑰生成的密文, 猜對其中部分密文對應的明文, 即可求出公共密鑰, 再用該可能的密鑰去解其他的密文, 若符合, 則為密鑰正確.
2.下載附件, 得到如下字符串
https://adworld.xctf.org.cn/media/task/attachments/f331d71a103f49bc94c2cc7838c29a9c
0529242a631234122d2b36697f13272c207f2021283a6b0c7908
2f28202a302029142c653f3c7f2a2636273e3f2d653e25217908
322921780c3a235b3c2c3f207f372e21733a3a2b37263b313012
2f6c363b2b312b1e64651b6537222e37377f2020242b6b2c2d5d
283f652c2b31661426292b653a292c372a2f20212a316b283c09
29232178373c270f682c216532263b2d3632353c2c3c2a293504
613c37373531285b3c2a72273a67212a277f373a243c20203d5d
243a202a633d205b3c2d3765342236653a2c7423202f3f652a18
2239373d6f740a1e3c651f207f2c212a247f3d2e65262430791c
263e203d63232f0f20653f207f332065262c3168313722367918
2f2f372133202f142665212637222220733e383f2426386b
3.通過十六進進制轉asci發現轉碼出亂碼
http://www.ab126.com/goju/1711.html
4.對於OTP密碼的重用,我們可以利用Crib dragging attack來破解。這是一種已知部分明文的攻擊,counter mode的block cipher如果重用了IV或者counter也可以用這種攻擊。
實現這種腳本:https://github.com/SpiderLabs/cribdrag進行破解
5.將上面的文本內容都按一行展開
0529242a631234122d2b36697f13272c207f2021283a6b0c79082f28202a302029142c653f3c7f2a2636273e3f2d653e25217908322921780c3a235b3c2c3f207f372e21733a3a2b37263b3130122f6c363b2b312b1e64651b6537222e37377f2020242b6b2c2d5d283f652c2b31661426292b653a292c372a2f20212a316b283c0929232178373c270f682c216532263b2d3632353c2c3c2a293504613c37373531285b3c2a72273a67212a277f373a243c20203d5d243a202a633d205b3c2d3765342236653a2c7423202f3f652a182239373d6f740a1e3c651f207f2c212a247f3d2e65262430791c263e203d63232f0f20653f207f332065262c31683137223679182f2f372133202f142665212637222220733e383f2426386b
python cribdrag.
py 0529242a631234122d2b36697f13272c207f2021283a6b0c79082f28202a302029142c653f3c7f2a2636273e3f2d653e25217908322921780c3a235b3c2c3f207f372e21733a3a2b37263b3130122f6c363b2b312b1e64651b6537222e37377f2020242b6b2c2d5d283f652c2b31661426292b653a292c372a2f20212a316b283c0929232178373c270f682c216532263b2d3632353c2c3c2a293504613c37373531285b3c2a72273a67212a277f373a243c20203d5d243a202a633d205b3c2d3765342236653a2c7423202f3f652a182239373d6f740a1e3c651f207f2c212a247f3d2e65262430791c263e203d63232f0f20653f207f332065262c31683137223679182f2f372133202f142665212637222220733e383f2426386b
6.程序會提醒我們輸入一個可能存在於明文或者密鑰里的字符串,根據題目提示,flag的開頭是 ALEXCTF{,把這串字符輸入:
7.可以看到0這個選項就是有意義的字符串。對於可能有意義的字符串,程序會在序號之前加上***。
程序提示輸入正確的位置,我們輸入0。程序又會提示我們輸入我們的crib是明文中的還是密鑰中的,假設flag是密鑰,就輸入key:
8.這樣程序就恢復了一部分明文。在剛才的結果中,不止0一個位置是有意義的,*** 260: "ncryptio"也同樣有意義。再次輸入ALEXCTF{,輸入260作為正確的位置。現在的結果如下:
9.回到明文開頭,我們可以猜測這是一封信的開頭,Fri開頭的單詞很可能是Friend。輸入“Dear Friend,”作為crib。得到0: "ALEXCTF{HERE"。
10根據flag的常見格式,可以猜測HERE之后是下划線。將“ALEXCTF{HERE_”作為crib輸入:
11.得到有意義的字符串有: *** 260: "ncryption sch", *** 234: "gree with me ",*** 208: "cure, Let Me ",*** 182: "ever if the k",*** 156: " proven to be",*** 130: "hod that is m",*** 104: "is the only e",*** 78: "n scheme, I h",*** 52: "sed One time ",*** 26: "nderstood my
先看260,可以猜測后面的單詞是scheme,輸入"ncryption scheme "作為crib:
260: "ALEXCTF{HERE_GOES"
將新的key后面加上下划線輸入:
*** 260: "ncryption scheme a", *** 234: "gree with me to us",*** 208: "cure, Let Me know ",*** 182: "ever if the key is",*** 156: " proven to be not ",*** 130: "hod that is mathem",*** 104: "is the only encryp",*** 78: "n scheme, I heard ",*** 52: "sed One time pad e",*** 26: "nderstood my mista",*** 0: "Dear Friend, This "
52的后面幾乎可以確定是encryption,而且這樣填充的字母多,所以這次輸入"sed One time pad encryption":
52: "ALEXCTF{HERE_GOES_THE_KEY}AL"
12.使用python腳本快速解密:
#!/usr/bin/env python3
import binascii
def dec(msg, key):
'''
Simple char-by-char XOR with a key (Vigenere, Vernam, OTP)
'''
m = ""
for i in range(0, len(key)):
m += chr(msg[i] ^ ord(key[i]))
return m
######################################
lines = []
with open("msg", "r") as f:
# Read lines from file and decode Hex
ls = f.readlines()
for l in ls:
lines.append(binascii.unhexlify(l[:-1]))
# Step 1: Decode each line with the known key
k = "ALEXCTF{"
mes = []
for l in lines:
m = dec(l, k)
mes.append(m)
print(mes)
# Step 2: Guess some part of the first message 'Dear Fri'
k = "Dear Friend, "
m = dec(lines[0], k)
print(m)
# Step 3: Decode each line with the new known key
k = "ALEXCTF{HERE_"
mes = []
for l in lines:
m = dec(l, k)
mes.append(m)
print(mes)
# Step 4: Guess some part of the last message 'ncryption sc'
k = 'ncryption scheme '
m = dec(lines[-1], k)
print(m)
# Step 5: Decode each line with the new known key
k = "ALEXCTF{HERE_GOES_"
mes = []
for l in lines:
m = dec(l, k)
mes.append(m)
print(mes)
# Step 6: Guess all the second message 'sed One time pad e'
# the third message is 'n scheme, I heard '
# so we can retrive the complete key
k = 'sed One time pad encryptio'
m = dec(lines[2], k)
print(m)
'''
['Dear Fri', 'nderstoo', 'sed One ', 'n scheme', 'is the o', 'hod that', ' proven ', 'ever if ', 'cure, Le', 'gree wit', 'ncryptio']
ALEXCTF{HERE_
['Dear Friend, ', 'nderstood my ', 'sed One time ', 'n scheme, I h', 'is the only e', 'hod that is m', ' proven to be', 'ever if the k', 'cure, Let Me ', 'gree with me ', 'ncryption sch']
ALEXCTF{HERE_GOES
['Dear Friend, This ', 'nderstood my mista', 'sed One time pad e', 'n scheme, I heard ', 'is the only encryp', 'hod that is mathem', ' proven to be not ', 'ever if the key is', 'cure, Let Me know ', 'gree with me to us', 'ncryption scheme a']
ALEXCTF{HERE_GOES_THE_KEY}
'''
最終得到flag:
ALEXCTF{HERE_GOES_THE_KEY}
1.下載附件,並
打開流量包,發現存在PRES、TCP、COTP、MMS協議的流量,其中選擇一個數據包,追蹤TCP流發現存在關鍵字flag.txt,如圖所示:
過濾tcp協議,然后搜索關鍵詞"flag",直到搜索到flag.txt可能有問題。但是沒有發現可利用點
2.然而通過多次分析與flag.txt相對應的流量包中,沒有發現flag.txt的內容,於是換一個思路,對流量包進行關鍵字(jpg、png、zip、rar、flag)搜索,查看是否存在其他的文件。在linux系統中使用grep指令,可以對文件進行指定關鍵字搜索。
linux中grep命令用法
,我們使用指令進行關鍵字搜索
grep "flag" -a flag.pacp
grep ".zip" -a flag.pacp
grep ".jpg" -a flag.pacp
grep ".png" -a flag.pacp
最終,發現存在base64加密的png圖片碼,如圖所示:
運行腳本,將圖片碼進行base64解碼,解碼后得到寫有Flag的圖片:
# coding=utf-8
import os, base64
img_str = 'iVBORw0KGgoAAAANSUhEUgAAAdAAAABiCAYAAADgKILKAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAABzXSURBVHhe7Z2Js11Fncfn75maqZmaqZkaS0elXAp1GHRUhGFAQHYQFQRFBWQRiBoBWQyyKaBsxo0tCAgkQHayQEL2jSxAyEoSIAHOvM/JPTPn9fv1Od19+9z3bvh+qr5FkXe77z33ntO/7l//fr/+m0IIIYQQ0ciACiGEEAnIgAohhBAJyIAKIYQQCciACiGEEAnIgAohhBAJyIAKIYQQCciACiGEEAnIgAohhBAJyIAKIYQQCciACiGEEAnIgAohhBAJyIAKIYQQCciACiGEEAnIgAohhBAJyIAKIYQQCciACiGEEAnIgAohhBAJyIAKIYQQCciACiGEEAnIgAohhBAJyIAKIYQQCciACiGEEAnIgAohhBAJyIAKIYQQCciACiGEEAnIgAohhBAJyIAKIYQQCciACiGEEAl0ZkDff78oNm/ZV8xfuK2Y8fxrxex5W4vlK3cVe/Ye6L1CCCGEGF6yGtC33n63uOPuNcW/fHJG8bcffsarf/3UjNLAVtz/h/Xm6/h3IYQQYiKSzYBufePt4thT55qG0NXxp8/ttTqIDGj/vP3Oe+VKf/L1y4qTzppffOq/ni/+6bDpxY+ve7n3irHw/VrKzdsjE6tFL24v7p26rrhs0pLy8x3+pZnFhz/zbDnZ+th/PFd86auzi3MuWFhcc+Py4qFpG4s1694cNcmKYf/+94oXFm4rbr1zdXHe9xcVn/+fWcVHPvv/7/WVk+YU371kcXHbyN9nzd1a7JVXRHxAeGdknFi2Ylfx+FNbiql/3lA8MPK8/+XJzcXLy3eWz80wcdxpc4t//sSMciw55Zz5xXW/WF4+zwcODO46shhQBqCjvzbHNIKWfnjVS72WB2HQtl7XxWB+KDJz9tbiM1+eaX6HTQbUej3KxZKXdxRXTV5aehys92kThm/u/Dd6vbXD9sDd960tPvH558z+fGKicfmPl5RGW4hBsnDx9lGT10q5YTuNyemHDn/WfAYQk8xf3LqyeGPb271W3bLl1X2l0bP01PRXe6/ygwG1ruOLx88uFr+0o/eqbsliQPlhrAvxiZVBHW4Y63Vd3EiHGtOe2Gx+d5XGw4CuWLWrOPv8BWbfsXp25uu9XptZMDIQ+SYRoXrksU293oToFp6Rc7+3yLwPUS7ee+/94r6p64t//Ph0830sYWSffGZLr4duwLt0wcWLzfdHGNE2fAYU/f1HpxezR1ajXdO3Ad24aW/xdx+xL+LIY2cV0597rdj95v7yh9y9e3/pysOFUEcGNA1mcKyerO/us0fNLF2iv/vjht6rx2K1Q6ngAvrlHau890OKdu3a3+vdz2NPbs7ynq++tq/XoxDd8MrGvaUHzrr/6srBu+++X1w5eanZf4gwvF2BXbDes1KIAWXhdta3FxSHHWl7nNiueXNP+/jRD30b0Ft+tcr88J/7ysxi+/YwV4AMaBpTbls55js75uQ5xcpVu3uvaMZtWymFnbveKc449wWzv1SxV9rG3BfeyGI8+d6E6IrXt75VDvisjKz7z1UOMEJW3zF68un8K9E9ew6U+5bW+1UKMaAVrGbJ9vj0F58f088fH3ql96pu6NuAEvzhfmjEDCMUGdA08PXXv69/+Nj0cq8jlHrbumLZsfOdoD3wE8+cV9zzwLrS3cpqjz1LghrwUODJwBiyh0lAAK8norsJ2n3yC2Mfmkpfv2BBOQDQ9959B8pgph073iknGLi+L5+05P/2Z2+/a/S2ghA52LV7f3Hrr1eXwS7u/dmkfmla4bG4mfqnDaU3kBiDm+9YVfzbp+3Px/OBpysnN94yduLvKsaAVry4ZMeYfggi7JK+DCgrTPcDo3//3LNRkVAyoPGQMuR+X0SWxuC2rxQDRunkrx80eD5d+MPFwaviig0b9xSbNu/t/Z/NXfesNd+P/Z6/PtMehAAYcaIRyVEWIjd4Uax7tE39wGTRWo0hDIqVi8/E252QVyJyPhfs/YZ4jFIMKBBhX++HbIQu6cuAWhYfff/yF3uvCEMGNB5r8tK2YnNx21eK4Wc3LDP7QAQjPPNsuCciBvbUfYMEq0shJgKkSln36FfPmFemWvk8eP1wz+/WmX1iXDCuPja8sse7Ul67vv8IdfZk8ULV+/3a2fPNgMNUA0o0fb0fvHJd0pcBfXrGq6M+bCVcFjHIgMaDa8j9vnhwYnDbVwpl/oJtZnvExv7qtXGrzhhWrdltvu9RJ85Jzh8VIjdLl+0cdX/iPmVbgQkg5DagBPL5tjVw2bbx69+uMdv+fMqK3ivSYT/S7Ze8zRMco4pSDShZB/V+cEF3SV8G9M+PbBz1YSs1RX5ayIDGw2zO/b64+WNw21cK4cDI+2OsrPa4UEnM7hLC7K33nnL7qt4rhBh/eE7JSybHkqIFbHnUyW1AMUhWf6d/64XeK5ohnoFVm9uez99PoQVyS90cVAwnk13yvev/jlINKC7qej9HHD2r95du6MuAYijrH7ZSbOSTDGgargvzhl/GzRLrbesKgT1Gqy2i4lDXsG9pvTdBSkJMJJ6f/bo3HSu3AaVwidXfE0+FR9N+77IXzT4I/kvFSt2ZOedgnqaVhpJqQL98wujv89RvhE0cUunLgPoM33gaUGY0zHZwV7BKeXBklcznmfb45jLijIiyrlx89EvEJxFwvx8Z4Pn8vO9LS3eU0aa5YVZZ/75+ct2y3l/CqLetKwRfcASBCIMoCeYzoKkP3kSHqGXuK6InmaCwz4sbO/Re5jdZ8vLO8n4kv4/VEFswg8h95d4nXuLhaZvKz86zwUqJKOpQSAOhqMYfHnyl7IPnmmozuZ8rVmDsTfL9Mm48+OjG8n2pUoXXJTc5DShuYcsYEbQTkk9dQUERtw/0q9/EebgqGHfdvtj7rO5dKwI45TmmPzcv/uIfja56l5soA9qW/Nqm8y+yQ4r7NaC4SbjpybOigIDVV124DNgvzJVki1uGh833MCDqvhIuTjGJihtuXjHmdTGRtKRh1Nte/TN/1SGLetu62li3/k2zHaKowSDwrYBx2XQx0HXBFT8Zu1pwXdBMBM88z1/VicCQ52b5qzVhELjvcMFZ7REFN2Jd7gScWH3VB2qiPUkP8r03rn6eWT6jBQMi1WRO+6Y/v5iI/7vvXVtGpaeC4SHYrS2PGRckv9mCRduCJy5t5DSg6zfYvwmBOzGsWWs/39wnsfC7UFDH7Yu8zQqrGEyKASUX3e2HMbZLht6AMpD6wq/bxN5ETK1VC2bW1g3iEwnEhHKDVSWEKLJQ3A1zSoPFUG9bVxusAKx2zCT37UsfyGJoMuKscIYBCv+7n33StQcnQUwKb7q1PV+uEgNFFZhSwRGCHz8irC4wq5SY2AVWrlY/m7YcTD1atXp3OZmxXuOKZ8KtQ0x97ZCKPZX++5S55So1ltdef2uMJydE/Y4bFTkNqC+oM9aI4K2wCj6wCIidODCBcvv5xncWjurH/TtKMaBECrv9dL2lM/QGlFJOVttQMXBwXSlwikFoZZG6uBEp6fUdoxYkM/JQfvrz0QMwq5EY6m3raoOZqNXu0qvz5Yu1wQPomzjxm3RRQSU37Fm7n52cWa4NQ+r+rU31IDK2L1IqNBEYGML2HWNn+4h8WlYw3OPW330iX68qYk6lGlx81uuahDGKcQuTZ+xLhWoSK6amdJAYchpQ0tisvnCdx+LuJVaKKTS/bmRF7AYk4XVg7KtT/3ulFAPKqtbthzG6S4begOI6tdoiaiFWx3pZf69E7pP7o7bhm+2FigHCzYlClEYMxR2Aud4Y6m3ragL3qC9X7NHHB1uMnYHB+hyVmGCQ7jNR4VAF9zMT9MD+nvvvIcJgYrzwiqRM7JA1wFlg5Kz2jBExHpm6LrnypXIVzThh/T1E1Qq+DfZOWbVafSC+P8YOa3+OIJtc5DSgbg5kJba3Yvn2D+zfYLlTx9wHv6O1uMHd7uK+BqUYUCbNbj9UN+uSKAOK24xSa5V8pwnw7/XXVfJV+O/HgFauJAYPfvRH/rKp/Jz1QBZ+TGZDFDq3QrRRzEPB/k/ToeHlHusD68o8SQKIOJqHmztkUIspKefOOOk/hnrbupogSMpqgyrX9KCg2pWVQ1YXkwoCZnKtGHJCUIb7edkvdI9/I9Gc54frwO3fNCHEq/Gfx4w2YASWXHvT8jIAiepNbV6bkMozb701thIWcmuc1t+b+7XJaCGrMAclGRl46QMPTZtbmue/jT89bE+8Mf4cD8j5uhU7RlbbRNJi4BlnHv9rvlVNTgPq2ysO+T5cJl1je0CqyNk2iIVw25L2ZgV9ua9DKQbUWkwRaNclUQbUpR/DV6fffu4cGRTayr5VEADgM2QhdWRxrzUFdWAAfVGoFBawcp7qiol0w0jX27IyjKHetq4mLDdJpXqA1KBgzy1kn49gE77b0AMOBgFG0fqslTiejdWkC9fsy8F1xfmOGDsX9vB89U95PnDRNsE9brWtC8PpTlyYzLr3rU8YMyKHXVj9XnSFf3+Ua27DLfmGcDtvfaP5/iBQJ+d9ntOA+rY0tiXc89ZBFYiDuNsgmMd6Jq17GdzXoRQDykH8bj8p++IxHBIGNJbrp4zde0KEyLcxZ97YkOxKv7m/fcOaoIWmA58ZVENxb3Iexhjqbetqgnwyqw0r8tgAg1ysXL07+BBtJhl8bzzk481vR+4X6zMiBqCmCR21gnG3Wm0rtZV2nPG8f0umbaDElW+1q9RmxHwrnEq4T5sGPwy4z/tAtZ+me9FXwzsm/iAXOQ2oL9o5JbDPV5GIlXsbbnAjYjvFh/talGJArSISXR+S/4E0oOSPWe+Hi6YN394AbjE3CtKHzwghBtUQeC93o59BKYZ627qa8O05E4wxnpDfG1O4mxUpe7bjZfTBd9+jEDehNVBVOvbUuWUkbxNcu+8ggBBjYrVDIbnATA6stpVCAvvY37Laoibjy1aD1SZm8pqLnAbUF5vQ9ltY+LwjuNGbYJXptmFy2xSL4L4epRhQApzcfrqOyP9AGlD2NKz3a4tixRVitUNLXrbdExbs3VkJzyjkmjGeVgCKz0Xiw21fqQnfb4VrerxhoCC/1zeQWOLgA+t0ikHg+y4ZcEJOMyJH0mqPQgvq+yZE7Ke1YbVDoZG8FFS32uO6DpmMsgpmImT10RQ4w8lAVhtfkGOX5DSgVj8oZZJ4/+/jx2SeP+tYw7aTkdzXoxQDCq5rn/sDD1VXfCANKAEC1vuRKN2EFeWFMLyxN+mPfmqX3PJdMwMKqxL28aybNLaMH7h9VGrCVwGIQW+iwD4Wbvq26OtKDOTj4dL13ffcGyGw6rbao9AzHH2rsZDf02qHQiPa3TSsSjEVtS681C471+SCZg/TaoOowjNIchpQX9pSzNGSFd4VaMOKzjoFhtq0bWOj2walGlA8D9y79b4IHMW7yGQxNIo4lEPWgPJFUl2ElRqrjONPn1u6GZuiZ1ETnEhgtYk9fQYIfLL68l0zszvr9axWSHtImWVa/aEmrI161Db5GA/wNOASD9kfJX2kydVFdDe/TayaKvzwd+uzWKH+Fr6JIAqtxkTlIKt9yCkWVjsUWl7P9wyEbmOAL9ilba/uWxfaucyIil5twUS5yGlAfWNbPaI4FF9Oqe97xSXven74/5DAzHqbSqkGFPjtyHqwJhT99GtxSBlQSvMxy/C5hkLUhC/8n1qZscRes2VACTShtmnTwN+E21+lJkjJsdogK9pzIkCpRarstCX3NwXd+Aa6NjXdw/3e90yarPYoFN/EDLVhtUGh9Hv94FsptfVBdK/VrhLeC/aBSVnrkpwG1HeMWUwd3ArKP1p9WUXpuQ+t3F1qLofgtkP9Gjo8MPSRu1+XQ8KA4t4kgrap3meomiC6z2rDnkossdfcNNDhQq5KqMVg9YWasIIEKpFrO5EhyOCb3/WvPBg0fZVWJqIBBas9isFqj9qw2qBQclx/P32EptNQn7qr4/lyGlBfjm2oO7+Oz73OvruLVWCHILbQib3bFvVj6LAFvnz/2AM32hh6A8p+BrUVrfYpasLnIglxU7ikXDOuMfLQCDF3UxiIfIwtqF1vX1cTvhqoiOpMEx32gzihwfr8yFc7UwZ0LFYbFEqO6++nD1ZOBMv49g5dMfhSozcnOQ2ozy2dYvwpKWn15e4hkpPrFs9A1DHmNwiR2xaxpeK+LiRQ0zpkgpgRjDzpSyHBaTEMtQHFYDTVzGRfjv0MqmIsG/nhycEkJ4pBNOXGtV6P6DeWfr87KwKT/ckY3PaVmuAGdA/GrTQeeXQp4Gr+wnH27+87P5DBiXsmVuyd+uj3HgCrPYrBao/asNqgUHJcf44+8KpYhRUsMRjnTM7nHrHeJwWrihMKSQlyYQVp9eUWZfAdbN+F2tKMSNtyT+Pi9+oyyn6oDeiNt9gBBCzf+bKbZospN64vPYKk9lhyfHfuKRKUcYuh3rauNqwi+Ijk92E5SowcUOsaWNnnnqX6yHEPWO1RDFZ71IbVBoWS4/pz9AHctxQetyLcXfGaiVhM3vddEB0bA/e/NdZRucp9Nppy2nOrzYBa6UldHyoxtAYUv75Vko9/CykgnHLj+vZAFyac1J6SZ+Vym5MLiislhnrbutrw5Q4ia49kIoLXwPr8yHc+ZW5yPD9WexSD1R61YbVBoeS4/hx91MGtSw5p27YQdbVzkNOAzvMUlsCdGoOv3jVBlC4TyYBanyX2kJBYhtaA+qLvQupgQsqNS1Frq01IeSsXX6msmO+O0oH1tqy8Y6i3rauNpn1QXKApKTWDpqkUXcyRTf2Q4/mx2qMYrPaoDasNCiXH9efowwdF5X11lknzybEKzWlAmfhZfRGdG/NM+iLtrUnDRDKgBA+5bVK212IYWgPqSymhYHsIKTcuxtlqQ55pLJxsb/UV8925oea4H2Oot60rBF9JQzQMZ3Gyf259dkRgxCDI8fxY7VEMVnvUhtUGhZLj+nP00QQnmbin41RixdcvOQ0o+PYuQ8dF8JWItA4R5zliwtmPrPe6avLSMa9rC+CytmU4ZLtLhtaA+maGoUnDHHNltW+CI42sNhiuHS2nV9Rhs9uXsxXz3bkFudmDjKHetq4Qmk5lIZ0o9HSc8cJXzo37alDkeH6s9igGqz1qw2qDQslx/Tn6aMMXa/Hgo3FBexa5Dah1RB4KPeWJnGkrHZAMhK6OBHTfC6WksWDg3X5iy5vGMrQG1Bd6HpJ71FTIuglmQL5UlpiDsCm8YPWBYr47ymTV23IOZAz1tnWFgEvonAv8+0TUxu3afdIPN3m8CT+4It9hyW3keH6s9igGqz1qw2qDQslx/Tn6aMMXadpU1i6U3AaUlabVH9W4QgqdEEhltaeyT1dY75diQDn70+0nJQI5hqE1oL5UCvIk28DYWW1RG74EY4KXQmY71Fz1BSOhmO/OTZym3xjqbesKhSotTfVmWRGnnIYfSkoBC1i6bKc30XqQ7uccz4/VHsVgtUdtWG1QKDmuP0cfbbDStN4j5GzMNnIbUPAdrM1h6k2wQPCNTV2u5Kz3SzGgnGHr9kPAY5cMrQE95Rw7/5PI1CY4ysw3eKK2FAaiunwHclMqbv4Cv8Eg+KatzGDMd+fWeOUA4hjqbeuKgTq8Vh91XT5pSbFmbdxeBJGATW2qgAlW4ZzRGlIwm1UzM1JfST9qJePCGhQ5nh+rPYrBao/asNqgUHJcf2ofbDGEBNY0eVpynPLRhQH1ndLDuOWb0LKtRLSu1Q6DHBOEFIv1nikGlLHbHdtvvyu+TnkMQ2tAfYWo+QI5WNWFL5cZoy8goFKIC5hoNKttJdyAuGnJDyXdZtGL28ui123vjWK+O3evwgozb6Letq4YeLBuuNkusu+KyQN7MUQ34m5hQkFwAMaS2qS4yqbcvqo47rSDK2uK9/twD4NmT5tTTFgtMEmiT4pK8/1TwQR324meA5grWXU+uyTH82O1RzFY7VEbVhsUSo7rT+mDe/aIo2eVk3Aq1/gS7ZlM+Vz9bJe0TbZD6MKAcn1nn28HWeIxoi50tZ/Ja5kINJW47KqMYYX1nqml/Phd6v1MujbujORYhtaAMjA2rSQvuHhxeZgqxdaZhRx1YlilkZB9Akrq+Q4iDtWZ59k3eOh3x43vroRDj8GqqLetKxYGEo5Ts/rqRxhcH9feNLZQdD+6cvLS8jsdJDmeH6s9isFqj9qw2qBQclx/Sh94NuqvZRxh8kmwEEUHSJeggpkvUBER8ZmDLgwoMIGk8IHVN+KaqcblC6asxIS2a6z3TTWgZ5w72n2Nh6pLhtaAgltIIFTcNL5jkELPhSTqtlopxYo9WF8xAmaHITA7dttyTTG47SulwlmKMYdZt4lAMUovumDo3JlmP7ps0pLgwtc5yfH8WO1RDFZ71IbVBoWS4/pT+rDOrYwRxeVzrD6hKwMKeOJ8200hYhGScpZoLNZ7pxpQt871MSfP6f2lG4bagPLj+g7U9Yl9LlwWCxbZaRjM3ELh+LRLr15i9mOJWR8PLwbAZ0BDN70x4G7bmHMUwW1fqR/4/nyl/lL00tKxwQt8702rg1DhzuIeyzUYxpLj+bHaoxis9qgNqw0KJcf1p/TRj/eInO+cx/Z1aUCB7ZKQrSNXjGsp54imYL1/qgF1gzyJd+iSoTaggBFlJdrkzq1E8QIq8gMDvfUa9itjISey6YBe8kQJpKkn9foM6LQnNvde0QzX4bYNzfWqcNtXygH7JrhFU1ekzJyZ6fvOY8SIPjByf/gGoCbh2sIFnHLMU05yPD9WexSD1R61YbVBoeS4/pQ+MCqxRpToVFI8crv5uzagQOBj6IlVLDC6uM4mrM+RakAZc+r9YBe6pC8DyiDJjeoqdtM5Rz8EpLB3wV4G0anMuqgNy+Y4Je/clSWzK+s9+znTklUhEaFEpjK449JcsHi7GaTgK0VoBUBZWJV0Lrkyrualdf0oJ7hg+U7Yh8ZbwKkXBD9VriUmF/xOJ501v5z13n3v2vL1GMgQeNBJXXp42qZy9klgCOkz1YQKA467lwGE/ZyZc7Z2lhAeS4773mqPYrDaozasNiiUHNffTx9Mzij/xn1Hgfhqz5CtA+4h9tPYFiGyvitXJqf1WJ+/C/hOeAZ41qprZZzk2tnzJUJ9UKvOOtb1N2UzNHGCEyhIwZou6cuAinSIDqv/0JVWRYTGuzlbPBScjyqEEB80WGnXx0NEClKXyICOE5brhplvzP7K5OvHFnXgINyJssISQohBgPfPOhvad0B+LmRAxwH2Qt0fGpGnGAOHhFv9HHbkc+UKF9c17lAhhDjUeOzJzWV1JaLorZQdtodyHn5uIQM6DpCv6f7YiOIQsfhOoa/EyQpCCHGo0ZZGeO/UblefIAM6YNiot35sROWiWAhuuOZGf1EBGVAhxKGIz4CyFcbKdBCRxDKgiVAyjvM4if4NgVzDh6Zt9KbbpJwpWocC6Rxv5tbHlQEVQhyKuAaUoMrrp6zoK5MiFhnQROp5n6TO3Dd1fbFw8fbS506VIIozE8zDgbwYzqYi8iT0p6w+LZh1UU2J/las2lVs2jKxz+UUQogUKMlIURxSFHe/OT7ZBzKgCZDXGVK4IVS56moKIYQYHDKgCVDJxDKEKaLgghBCiOFDBjQBcossYxgj/PXzXlCKiRBCDCsyoIlwQjvlrz50uH04s0/Hnjq3DEAa5MHNQggh8iMD2icH3n2/WLlqd1kE/tY7VxdXTV5a1nw9/6JF5X8paECR96dnvDruxcuFEELkQwZUCCGESEAGVAghhEhABlQIIYRIQAZUCCGESEAGVAghhEhABlQIIYRIQAZUCCGESEAGVAghhEhABlQIIYRIQAZUCCGESEAGVAghhEhABlQIIYRIQAZUCCGESEAGVAghhIimKP4XBcAIzFfvoBoAAAAASUVORK5CYII='
img_data = base64.b64decode(img_str)
with open('1.png', 'wb') as f:
f.write(img_data)
print 'successful'
最終得到flag:
flag{ICS-mms104}
1.
下載附件得到一個文件,打開是一些ZERO ONE組成的文件
https://adworld.xctf.org.cn/media/task/attachments/cca1ce4b15ba4ac7950f6d03f8fa6ad1
2.
將ZERO替換為0,ONE替換為1
0100110001101001001100000110011101001100011010010011000001110101010011000110100101000001011101010100100101000011001100000111010101001100011010010011000001100111010011000101001100110100011101000100110001101001010000010111010001001001010000110011010001110101010011000101001100110100011001110100110001010011010000010111010101001100011010010011010001110101010010010100001100110100011101000100110001010011001100000111010001001001010000110011010001110101010011000110100100110100011101010100100101000011001100000111010001001100010100110100000101110101010011000101001100110000011101000100110001010011010000010111010101001100011010010011010001100111010011000101001100110000011101000100100101000011001101000111010101001100011010010011010001110101010010010100001100110100011101010100110001010011010000010111010101001100010100110011000001110101010010010100001100110100011101010100110001101001001100000111010001001001010000110011010001110100010011000110100101000001011101000100110001010011001100000110011101001100011010010011010001110101010011000110100100110100011001110100110001101001010000010111010001001100011010010011000001110101010010010100001100110100011101000100110001101001010000010111010101001100011010010011010001110100010011000101001101000001011101000100100101000011001100000111010001001100010100110100000101110100010010010100001100110000011101010100110001101001001100000110011101001100010100010011110100111101
3.將二進制轉換成asci編碼
http://www.txttool.com/wenben_binarystr.asp
得到字符:
Li0gLi0uLiAuIC0uLi0gLS4tLiAtIC4uLS4gLSAuLi4uIC4tLS0tIC4uLi4uIC0tLSAuLS0tLSAuLi4gLS0tIC4uLi4uIC4uLSAuLS0uIC4uLi0tIC4tLiAtLS0gLi4uLi4gLiAtLi0uIC4tLiAuLi4tLSAtIC0tLSAtIC0uLi0gLQ==
是base64編碼,解碼得:
https://base64.us/
得到解密后的摩爾斯:
.- .-.. . -..- -.-. - ..-. - .... .---- ..... --- .---- ... --- ..... ..- .--. ...-- .-. --- ..... . -.-. .-. ...-- - --- - -..- -
進行Morse Code解碼得:
得到:
ALEXCTFTH15O1SO5UP3RO5ECR3TOTXT
也可以通過腳本得到:
import base64
#import morse_talk as mtalk
with open('flag', 'r') as f:
data = f.read()
data = data.replace("ZERO","0").replace("ONE","1").replace(' ','').replace('\n','')
word=''
for i in range(0, len(data), 8):
word+=(chr(int(data[i:i+8], 2)))
word=base64.b64decode(word).decode(encoding='UTF-8')
s = word.split(" ")
print(s)
dict = {'.-': 'A',
'-...': 'B',
'-.-.': 'C',
'-..':'D',
'.':'E',
'..-.':'F',
'--.': 'G',
'....': 'H',
'..': 'I',
'.---':'J',
'-.-': 'K',
'.-..': 'L',
'--': 'M',
'-.': 'N',
'---': 'O',
'.--.': 'P',
'--.-': 'Q',
'.-.': 'R',
'...': 'S',
'-': 'T',
'..-': 'U',
'...-': 'V',
'.--': 'W',
'-..-': 'X',
'-.--': 'Y',
'--..': 'Z',
'.----': '1',
'..---': '2',
'...--': '3',
'....-': '4',
'.....': '5',
'-....': '6',
'--...': '7',
'---..': '8',
'----.': '9',
'-----': '0',
'..--..': '?',
'-..-.': '/',
'-.--.-': '()',
'-....-': '-',
'.-.-.-': '.'
}
for item in s:
print (dict[item],end='')
加上花括號,將o替換為_ 即可得:通過測試,全是大寫,才正確
ALEXCTF{TH15_1S_5UP3R_5ECR3T_TXT}